[w3c/permissions] WebDriver: Should Set Permission apply to future browsing contexts? (Issue #437) from Alex Rudenko on 2024-01-16 (public-webapps-github@w3.org from January 2024)

From: Alex Rudenko <notifications@github.com>
Date: Tue, 16 Jan 2024 03:42:04 -0800
To: w3c/permissions <permissions@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/permissions/issues/437@github.com>

While adding support for the automation over WebDriver BiDi, I have noticed that [Set a permission](https://www.w3.org/TR/permissions/#dfn-set-a-permission) specifies that the permissions should be changed for only currently existing browsing contexts (unless I am misinterpreting?):

> Let targets be a [list](https://infra.spec.whatwg.org/#list) containing all [environment settings objects](https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object) whose [origin](https://html.spec.whatwg.org/multipage/webappapis.html#concept-settings-object-origin) is [same origin](https://html.spec.whatwg.org/multipage/browsers.html#same-origin) with target origin.

It does sound like if a new browsing context (and IIUC a new context would have a new environment settings object) with a previously configured origin gets created, it should not inherit the previously set permissions. I think that current implementation in Chrome does propagate previously set permissions to new contexts and I think this is what would be expected because the origin (and not a context) is an input for the method.

Test case:

```
@pytest.mark.asyncio
async def test_set_permission_new_context(bidi_session, new_tab, url):
    test_url = url("/common/blank.html", protocol="https")

    await bidi_session.browsing_context.navigate(
        context=new_tab["context"],
        url=test_url,
        wait="complete",
    )

    origin = await get_context_origin(bidi_session, new_tab)

    assert await get_permission_state(bidi_session, new_tab,  "geolocation") == "prompt"

    await bidi_session.permissions.set_permission(
        descriptor={"name": "geolocation"},
        state="granted",
        origin=origin,
    )

    assert await get_permission_state(bidi_session, new_tab,  "geolocation") == "granted"

    new_context = await bidi_session.browsing_context.create(type_hint="tab")
    assert new_tab["context"] != new_context["context"]
    await bidi_session.browsing_context.navigate(
        context=new_context["context"],
        url=test_url,
        wait="complete",
    )

    assert await get_permission_state(bidi_session, new_context,  "geolocation") == "granted" # Expected: prompt if I interpret the spec right.
 ```

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/437
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/permissions/issues/437@github.com>

Received on Tuesday, 16 January 2024 11:42:09 UTC